HackerOne Blog

Read the HackerOne blog to learn strategies for strengthening your attack resistance with help from highly skilled ethical hackers. Improve your security profile and stay up to date on industry trends and emerging threats.

Category

AI
Application Security
Ethical Hacker
Customer Stories
Blogs From HackerOne's CEO
Penetration Testing
Public Policy
Thought Leadership
Vulnerability Management
Culture and Talent
All
All
/vulnerability-and-security-testing-blog

Get the latest news and insights beamed directly to you.

Popular posts

Discover more with topics that matter to you most.

AI

Generative Artificial Intelligence (GenAI) is ushering in a new era of how humans leverage technology. At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.

Application Security

Learn how to prevent vulnerabilities in your applications. We cover current practices in application security, cloud security, API testing, and more.

Ethical Hacker

Ethical hackers, pentesters, and security researchers. We explain everything you need to know about them and how they can help your organization.

Company News

Stay informed of HackerOne partnerships, integrations, hackathon results, and other developments that keep HackerOne customers two steps ahead of cybercriminals.

Blogs From HackerOne's CEO

Read insights from HackerOne Chief Executive Officer Marten Mickos.

Penetration Testing

Follow the latest practices in penetration testing, including API testing, application testing, external networks, internet-facing infrastructure, and more.

Public Policy

HackerOne advocates for policies and standards around the world that support our customers, advance protections for the hacker community, and promote adoption of cybersecurity best practices.

Vulnerability Management

We cover everything in vulnerability management including discovery, prioritization, assessment, disclosure, and remediation.

Kayla Underkoffler
Lead Security Technologist
Submitted by Kayla Underkoffler on Mon, 11/20/2023 - 10:36
Government agency implementing Zero Trust with a VDP
Security Compliance,
Public Policy

How VDP Aligns With Zero Trust

November 20th, 2023
A core component of Zero Trust is enabling external testers to validate the continuous security of external-facing assets, like through a VDP.
Read More
Ilona Cohen
Chief Legal and Policy Officer
Submitted by Ilona Cohen on Thu, 11/16/2023 - 07:03
Fortifying Assets for SEC Compliance
Public Policy,
Security Compliance

Fortifying Assets for SEC Compliance with HackerOne

November 16th, 2023
After the SEC's recent charges against SolarWinds, publicly traded companies need robust cybersecurity risk management.
Read More
Get the latest news and insights beamed directly to you
Josh Jacobson
Director of Professional Services
Submitted by Josh Jacobson on Tue, 11/14/2023 - 07:21
A security team prioritizing vulnerability management
Vulnerability Management

Vulnerability Prioritization: Severity Does Not Mean Priority

November 14th, 2023
A data-informed prioritization strategy is integral to ensuring remediation efforts are practical — and severity does not always mean priority.
Read More
Naz Bozdemir
Lead Product Marketing Manager
Submitted by Naz Bozdemir on Wed, 11/08/2023 - 08:50
Black hole with pink color overlay
Penetration Testing

What Is the Difference Between Pentesting and Bug Bounty?

November 8th, 2023
Do pentesting and bug bounties serve the same purpose or complement each other? Let’s explore the four different approaches to pentests and the key differences between bug bounty and pentesting.
Read More

From Around the Blog